NVD

Id
82264  
Name
CVE-2017-5962  
Description
An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2. The vulnerability exists due to insufficient filtration of user-supplied data in the force_ua HTTP GET parameter passed to the /contexts_wurfl/Library/wurfl-dbapi-1.4.4.0/check_wurfl.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-03-18  
Published
2017-02-11  
Modified Date
2017-03-03  
Seq
2017-5962  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
406252 82264 CVE-2016-2519 http://support.ntp.org/bin/view/Main/NtpBug3008  View
406253 82264 CVE-2016-2519 88204  View
406254 82264 CVE-2016-2519 VU#718152  View
406798 82264 CVE-2017-2977 https://helpx.adobe.com/security/products/Digital-Editions/apsb17-05.html  View
406799 82264 CVE-2017-2977 https://helpx.adobe.com/security/products/Digital-Editions/apsb17-05.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
65591 JVNDB-2017-001954 TYPO3 用 contexts_wurfl における任意の HTML およびスクリプトコードを実行される脆弱性 TYPO3 用 contexts_wurfl には、脆弱な Web サイトのコンテキスト内のブラウザで任意の HTML およびスクリプトコードを実行される脆弱性が存在します。 CVE-2017-5962 CVE-2017-5962 82264 4.3 6.1 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-001954.html 2017-01-15 2017-03-24 View